Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E1kcx95UTmRjUK7Z2PdzQCLOJXg.roa
File: E1kcx95UTmRjUK7Z2PdzQCLOJXg.roa (raw, json)
Hash identifier: G+2Bcqt1W4bMp+/RLvA7kkhNtbsznao2WRHfbOoqtG4=
Subject key identifier: 13:59:1C:C7:DE:54:4E:64:63:50:AE:D9:D8:F7:73:40:22:CE:25:78
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5E1C20917D1A0E8D6595BD63B29AA80F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E1kcx95UTmRjUK7Z2PdzQCLOJXg.roa
Signing time: Wed 20 Mar 2024 23:04:45 +0000
ROA not before: Wed 20 Mar 2024 23:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:5e1b:b51c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5e:1c:20:91:7d:1a:0e:8d:65:95:bd:63:b2:9a:a8:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 23:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13591cc7de544e646350aed9d8f7734022ce2578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:38:30:93:81:ad:96:57:e5:ea:15:c6:d0:d2:
7f:00:a9:2c:99:0f:5f:0d:62:c3:ff:fe:36:49:f9:
a6:ad:5b:49:84:62:f5:4e:16:24:63:22:29:2c:ca:
68:cf:bd:63:66:37:0d:0d:16:a7:9e:e5:0f:d0:0a:
85:fa:c3:37:43:24:65:50:32:e0:14:47:ae:fe:e1:
bf:c4:1a:16:2d:4c:92:32:00:51:f1:29:17:8a:2c:
2b:df:0a:ae:76:50:30:1b:9f:bd:8a:be:21:25:02:
bd:0c:78:7a:96:df:9e:c0:58:9a:3e:d6:3a:85:4b:
e1:92:58:e1:81:bd:19:4a:2a:5d:1e:23:8c:52:40:
6b:74:85:29:b6:7c:7c:62:e8:3c:d2:e4:bd:d9:f9:
cf:6b:5d:54:dd:e1:2a:0a:76:cc:dc:b3:b0:31:0c:
8e:e3:a6:0f:46:d4:7a:f3:fe:9b:1d:0f:a1:3d:f8:
f3:d6:f0:1e:dc:90:4a:18:f3:0b:12:a2:b7:bd:02:
92:ad:92:48:e8:b5:1b:43:c8:62:2c:89:d7:77:1e:
6f:87:e4:29:d8:cb:71:83:e9:3a:b6:0c:a8:e0:f3:
9a:9c:f8:6c:21:bc:f7:3a:d8:78:ad:f5:03:83:c7:
29:8e:ec:01:d1:43:56:70:3f:23:31:56:bd:59:7f:
6f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:59:1C:C7:DE:54:4E:64:63:50:AE:D9:D8:F7:73:40:22:CE:25:78
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E1kcx95UTmRjUK7Z2PdzQCLOJXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:6f:51:9b:34:b0:1e:86:ed:c2:de:fb:40:7d:a2:6a:88:fb:
42:9f:31:85:aa:24:68:36:bb:42:f3:c5:97:b3:29:b7:28:42:
ea:f0:f0:dd:7e:87:3b:0f:ea:0f:0a:a0:e6:e4:2f:e4:5a:a6:
d6:ff:24:11:98:e0:2b:27:8d:42:a8:ab:e1:88:ea:c3:6c:d3:
bb:1f:bc:b2:fb:2d:1d:c5:68:51:a9:7b:39:a2:fe:bd:3f:f2:
b5:a1:2b:d8:9e:cc:bb:60:c4:8b:c8:5d:ad:c8:a8:54:07:c6:
e8:0a:a1:1c:a4:a3:fa:e8:ea:ea:27:8d:cf:8e:0a:c8:90:f0:
53:9a:5c:22:63:0e:12:a7:6a:ee:eb:67:19:3d:8c:f3:db:28:
a0:32:3e:da:ad:03:1e:7d:9c:bc:4c:c2:d3:c3:19:76:9c:37:
ec:6c:0e:67:39:03:9f:6e:2a:4e:36:6e:c7:56:64:04:c5:3a:
7e:c3:97:bf:24:86:9e:3a:11:76:b7:aa:f8:84:3a:e1:d0:bf:
40:af:61:40:84:58:16:1b:00:28:b2:8b:15:42:f9:cc:85:2a:
28:fd:4c:64:6a:a6:2c:b2:cb:71:6b:a8:8f:b7:93:7c:43:9b:
3c:9e:f2:0c:6a:5d:7d:e3:bb:5f:c4:8d:c8:8f:b0:4f:6b:1b:
ce:20:d1:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5eHCCRfRoOjWWVvWOymqgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMjMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzU5MWNjN2RlNTQ0ZTY0NjM1MGFlZDlkOGY3NzM0MDIyY2UyNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzgwk4Gtllfl6hXG0NJ/AKksmQ9f
DWLD//42SfmmrVtJhGL1ThYkYyIpLMpoz71jZjcNDRannuUP0AqF+sM3QyRlUDLg
FEeu/uG/xBoWLUySMgBR8SkXiiwr3wqudlAwG5+9ir4hJQK9DHh6lt+ewFiaPtY6
hUvhkljhgb0ZSipdHiOMUkBrdIUptnx8Yug80uS92fnPa11U3eEqCnbM3LOwMQyO
46YPRtR68/6bHQ+hPfjz1vAe3JBKGPMLEqK3vQKSrZJI6LUbQ8hiLInXdx5vh+Qp
2Mtxg+k6tgyo4POanPhsIbz3Oth4rfUDg8cpjuwB0UNWcD8jMVa9WX9v8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBNZHMfeVE5kY1Cu2dj3c0AiziV4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRTFrY3g5NVVUbVJqVUs3WjJQZHpRQ0xPSlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKNvUZs0sB6G7cLe+0B9
omqI+0KfMYWqJGg2u0LzxZezKbcoQurw8N1+hzsP6g8KoObkL+Raptb/JBGY4Csn
jUKoq+GI6sNs07sfvLL7LR3FaFGpezmi/r0/8rWhK9iezLtgxIvIXa3IqFQHxugK
oRyko/ro6uonjc+OCsiQ8FOaXCJjDhKnau7rZxk9jPPbKKAyPtqtAx59nLxMwtPD
GXacN+xsDmc5A59uKk42bsdWZATFOn7Dl78khp46EXa3qviEOuHQv0CvYUCEWBYb
ACiyixVC+cyFKij9TGRqpiyyy3FrqI+3k3xDmzye8gxqXX3ju1/EjciPsE9rG84g
0a4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:58:33 2025 by rpki-client